NAME
File::KeePass - Interface to KeePass V1 database files
SYNOPSIS
use File::KeePass;
use Data::Dumper qw(Dumper);
my $k = File::KeePass->new;
if (! eval { $k->load_db($file, $master_pass) }) {
die "Couldn't load the file $file: $@";
}
print Dumper $k->groups; # passwords are locked
$k->unlock;
print Dumper $k->groups; # passwords are now visible
$k->clear; # delete current db from memory
my $group = $k->add_group({
title => 'Foo',
}); # root level group
my $gid = $group->{'id'};
my $group = $k->find_group({id => $gid});
# OR
my $group = $k->find_group({title => 'Foo'});
my $group2 = $k->add_group({
title => 'Bar',
group => $gid,
# OR group => $group,
}); # nested group
my $e = $k->add_entry({
title => 'Something',
username => 'someuser',
password => 'somepass',
group => $gid,
# OR group => $group,
});
my $eid = $e->{'id'};
my $e = $k->find_entry({id => $eid});
# OR
my $e = $k->find_entry({title => 'Something'});
$k->lock;
print $e->{'password'}; # eq undef
print $k->locked_entry_password($e); # eq 'somepass'
$k->unlock;
print $e->{'password'}; # eq 'somepass'
$k->save_db("/some/file/location.kdb", $master_pass);
METHODS
new Returns a new File::KeePass object. Any named arguments are added to
self.
auto_lock
Default true. If true, passwords are automatically hidden when a
database loaded via parse_db or load_db.
$k->auto_lock(0); # turn off auto locking
load_db
Takes a kdb filename and a master password. Returns true on success.
Errors die. The resulting database can be accessed via various
methods including $k->groups.
save_db
Takes a kdb filename and a master password. Stores out the current
groups in the object. Writes attempt to write first to
$file.new.$epoch and are then renamed into the correct location.
You will need to unlock the db via $k->unlock before calling this
method if the database is currently locked.
clear
Clears any currently loaded groups database.
parse_db
Takes an encrypted kdb database and a master password. Returns true
on success. Errors die. The resulting database can be accessed via
various methods including $k->groups.
parse_header
Used by parse_db.
parse_groups
Used by parse_db.
parse_entries
Used by parse_db.
parse_date
Parses a kdb packed date.
decrypt_rijndael_cbc
Takes an encrypted string, a key, and an encryption_iv string.
Returns a plaintext string.
encrypt_rijndael_cbc
Takes a plaintext string, a key, and an encryption_iv string.
Returns an encrypted string.
gen_db
Takes a master password. Optionally takes a "groups" arrayref and a
"headers" hashref. If groups are not passed, it defaults to using
the currently loaded groups. If headers are not passed, a fresh set
of headers are generated based on the groups and the master
password. The headers can be passed in to test round trip
portability.
You will need to unlock the db via $k->unlock before calling this
method if the database is currently locked.
gen_header
Returns a kdb file header.
gen_date
Returns a kdb packed date.
dump_groups
Returns a simplified string representation of the currently loaded
database.
print $k->dump_groups;
You can optionally pass a match argument hashref. Only entries
matching the criteria will be returned.
groups
Returns an arrayref of groups from the currently loaded database.
Groups returned will be hierarchal. Note, groups simply returns a
reference to all of the data. It makes no attempts at cleaning up
the data (find_groups will make sure the data is groomed).
my $g = $k->groups;
Groups will look similar to the following:
$g = [{
expanded => 0,
icon => 0,
id => 234234234,
title => 'Foo',
level => 0,
entries => [{
accessed => "2010-06-24 15:09:19",
bin_desc => "",
binary => "",
comment => "",
created => "2010-06-24 15:09:19",
expires => "2999-12-31 23:23:59",
icon => 0,
modified => "2010-06-24 15:09:19",
title => "Something",
password => 'somepass', # will be hidden if the database is locked
url => "",
username => "someuser",
id => "0a55ac30af68149f62c072d7cc8bd5ee"
}],
groups => [{
expanded => 0,
icon => 0,
id => 994414667,
level => 1,
title => "Bar"
}],
}];
header
Returns the current loaded db header.
add_group
Adds a new group to the database. Returns a reference to the new
group. If a database isn't loaded, it begins a new one. Takes a
hashref of arguments for the new entry including title, icon,
expanded. A new random group id will be generated. An optional group
argument can be passed. If a group is passed the new group will be
added under that parent group.
my $group = $k->add_group({title => 'Foo'});
my $gid = $group->{'id'};
my $group2 = $k->add_group({title => 'Bar', group => $gid});
The group argument's value may also be a reference to a group - such
as that returned by find_group.
finder_tests {
Used by find_groups and find_entries. Takes a hashref of arguments
and returns a list of test code refs.
{title => 'Foo'} # will check if title equals Foo
{'title !' => 'Foo'} # will check if title does not equal Foo
{'title =~' => qr{^Foo$}} # will check if title does matches the regex
{'title !~' => qr{^Foo$}} # will check if title does not match the regex
find_groups
Takes a hashref of search criteria and returns all matching groups.
Can be passed id, title, icon, and level. Search arguments will be
parsed by finder_tests.
my @groups = $k->find_groups({title => 'Foo'});
my @all_groups_flattened = $k->find_groups({});
The find_groups method also checks to make sure group ids are unique
and that all needed values are defined.
find_group
Calls find_groups and returns the first group found. Dies if
multiple results are found. In scalar context it returns only the
group. In list context it returns the group, and its the arrayref in
which it is stored (either the root level group or a sub groups
group item).
delete_group
Passes arguments to find_group to find the group to delete. Then
deletes the group. Returns the group that was just deleted.
add_entry
Adds a new entry to the database. Returns a reference to the new
entry. An optional group argument can be passed. If a group is not
passed, the entry will be added to the first group in the database.
A new entry id will be created if one is not passed or if it
conflicts with an existing group.
The following fields can be passed.
accessed => "2010-06-24 15:09:19", # last accessed date
bin_desc => "", # description of the stored binary - typically a filename
binary => "", # raw data to be stored in the system - typically a file
comment => "", # a comment for the system - auto-type info is normally here
created => "2010-06-24 15:09:19", # entry creation date
expires => "2999-12-31 23:23:59", # date entry expires
icon => 0, # icon number for use with agents
modified => "2010-06-24 15:09:19", # last modified
title => "Something",
password => 'somepass', # will be hidden if the database is locked
url => "",
username => "someuser",
id => "0a55ac30af68149f62c072d7cc8bd5ee" # randomly generated automatically
group => $gid, # which group to add the entry to
The group argument's value may also be a reference to a group - such
as that returned by find_group.
find_entries
Takes a hashref of search criteria and returns all matching groups.
Can be passed an entry id, title, username, comment, url, active,
group_id, group_title, or any other entry property. Search arguments
will be parsed by finder_tests.
my @entries = $k->find_entries({title => 'Something'});
my @all_entries_flattened = $k->find_entries({});
find_entry
Calls find_entries and returns the first entry found. Dies if
multiple results are found. In scalar context it returns only the
entry. In list context it returns the entry, and its group.
delete_entry
Passes arguments to find_entry to find the entry to delete. Then
deletes the entry. Returns the entry that was just deleted.
now Returns the current localtime datetime stamp.
is_locked
Returns true if the current database is locked.
lock
Locks the database. This moves all passwords into a protected, in
memory, encrypted storage location. Returns 1 on success. Returns 2
if the db is already locked. If a database is loaded vai parse_db or
load_db and auto_lock is true, the newly loaded database will start
out locked.
unlock
Unlocks a previously locked database. You will need to unlock a
database before calling save_db or gen_db.
locked_entry_password
Allows access to individual passwords for a database that is locked.
Dies if the database is not locked.
BUGS
Only Rijndael is supported.
Only passkeys are supported (no key files).
This module makes no attempt to act as a password agent. That is the job
of File::KeePass::Agent. This isn't really a bug but some people will
think it is.
Groups and entries don't have true objects associated with them. At the
moment this is by design. The data is kept as plain boring data.
SOURCES
Knowledge about the KeePass DB v1 format was gleaned from the source
code of keepassx-0.4.3. That source code is published under the GPL2
license. KeePassX 0.4.3 bears the copyright of
Copyright (C) 2005-2008 Tarek Saidi
Copyright (C) 2007-2009 Felix Geyer
The encryption/decryption algorithms of File::KeePass are of derivative
nature from KeePassX and could not have been created without this
insight - though the perl code is from scratch.
AUTHOR
Paul Seamons
LICENSE
This module may be distributed under the same terms as Perl itself.